Commit graph

962 commits

Author SHA1 Message Date
Václav Muzikář
33425dacd9
Add proxy-headers option to the Keycloak CR (#27092)
Closes #25179

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-21 12:19:37 +01:00
Václav Muzikář
de60c9b469
Tweak the default memory request and limit in the Operator (#27170)
Closes #27169

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-21 10:03:17 +01:00
Takashi Norimatsu
1bdbaa2ca5 Client policies: executor for validate and match a redirect URI
closes #25637

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2024-02-20 08:37:33 +01:00
Joshua Sorah
018914d7fd Change Open ID Connect to OpenID Connect in UI and docs
Closes #27093

Signed-off-by: Joshua Sorah <jsorah@redhat.com>
2024-02-19 17:01:57 +01:00
Václav Muzikář
fb49c21f90
Fix docs around --config-file option (#27129)
Closes #22540

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-19 15:13:09 +01:00
Takashi Norimatsu
849a920955 Rename Resident key to Discoverable Credential
closes #9508

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2024-02-19 14:12:15 +01:00
Alexander Schwartz
5f797e3e71
Update Keycloak HA Guide new resource limit settings (#27079)
Closes #27078

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-19 10:41:49 +01:00
Alexander Schwartz
7135b4ec4c
Add Amazon Aurora PostgreSQL to the list of tested databases (#27049)
Closes #27048

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-19 09:16:49 +01:00
Marek Posolda
d8ab12eab7
Release notes for Keycloak 24 with OIDC contributions (#27047)
closes #25729

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-16 08:34:20 +01:00
Vlasta Ramik
76453550a5
User attribute value length extension
Closes #9758

Signed-off-by: vramik <vramik@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-02-16 08:09:34 +01:00
Martin Bartoš
59007844d9
Supported option to specify resource management for pods in Keycloak CR (#26661)
Closes #26456

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-02-15 13:38:41 +01:00
rmartinc
4ff4c3f897 Increase internal algorithm security using HS512 and 128 byte hmac keys
Closes #13080

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-15 08:16:45 +01:00
Marek Posolda
16fca0118e
User profile - release notes and more migration instructions (#27003)
closes #26917
closes #26932

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-15 08:14:16 +01:00
Marek Posolda
e2fb8406a3
Fixing the docs about default hashing iterations (#27020)
closes #26816

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-15 08:11:44 +01:00
Joshua Sorah
b81233a4af
[docs] Align OAuth 2.0 Security Best Current Practice links (#24706)
Closes keycloak/keycloak#24705

Signed-off-by: Joshua Sorah <jsorah@gmail.com>
2024-02-13 13:53:56 +01:00
Michal Hajas
83f3e91e4f
Use http-pool-max-threads in HA guides
Closes #26849

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-13 10:01:59 +00:00
Pedro Igor
750bc2c09c Reviewing references to user attribute management and UIs
Closes #26155

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-12 16:01:34 +01:00
mposolda
7af753e166 Documentation for AIA
closes #25569

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-12 09:42:34 +01:00
Thomas Darimont
93fc6a6c54 Shorter lifespan for offline session cache entries in memory
Closes #26810

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-02-09 19:44:04 +01:00
stianst
d2f74dd83d Fix anchors in securing apps guide in prod profile
Closes #26853

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-09 12:31:30 +01:00
Pedro Igor
b91ad23b20
Update theme documentation about the considerations when deploying custom themes (#26885)
Related #23907

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-09 04:21:54 +01:00
Steven Hawkins
77581d2527
fix: change from operator. to kc.operator. keys (#26414)
closes #12352

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-08 15:03:20 +01:00
Michal Hajas
de598577b1 Fix confusing SAML NameId mapper format tooltip
Closes #26051
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2024-02-08 11:21:11 +01:00
Stian Thorgersen
cd1e483134
Remove section on adding custom attributes with account v1 and custom themes (#26858)
Closes #26856

Signed-off-by: stianst <stianst@gmail.com>
2024-02-08 07:28:32 +01:00
Alexander Schwartz
786023fd06
Update HA guide about non-blocking probes (#26783)
Closes #26781

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-07 16:16:50 +01:00
Michael Schnitzler
fdfe41bdda fix documentation for resetting OTP in "reset credentials" flow (#26834)
The former version stated that the "Reset OTP" step had to be disabled in the "reset credentials" authentication flow in order to keep the OTP unchanged. This leads to an error. More precisely, the "Reset - Conditional OTP" sub-flow has to be disabled.

Fixex #26834

Signed-off-by: Michael Schnitzler <schnitzler.michael+github@gmail.com>
2024-02-07 11:57:58 -03:00
Tero Saarni
ac1780a54f
Added event for temporary lockout for brute force protector (#26630)
This change adds event for brute force protector when user account is
temporarily disabled.

It also lowers the priority of free-text log for failed login attempts.

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-07 14:13:33 +00:00
zak905
bcd423b270 rephrase sentence in changes-22_0_0.adoc for more clarity
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
2024-02-07 09:32:43 -03:00
zak905
c7db7bd528 Update custom rest endpoint documentation and example
Add a mention about beans.xml and @Provider in the extending server documentation

Add beans.xml in the rest provider example

Add a mention about @Provider in the upgrading guides

Closes #25882

Signed-off-by: zak905 <zakaria.amine88@gmail.com>

Address suggested change for docs/documentation/server_development/topics/extensions.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

Address suggested change for docs/documentation/server_development/topics/extensions.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: zak905 <zakaria.amine88@gmail.com>

Address suggested change for docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
2024-02-07 09:32:43 -03:00
mposolda
ab7426b857 User profile migration documentation for default validations and strange attributes
closes #26634
closes #25979

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-06 16:48:03 -03:00
Alexander Schwartz
486b199548 Make label for Keycloak container images configurable
Closes #26819

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-06 16:16:00 +01:00
Stian Thorgersen
c4b1fd092a
Use code from RestEasy to create and set cookies (#26558)
Closes #26557

Signed-off-by: stianst <stianst@gmail.com>
2024-02-06 15:14:04 +01:00
Hynek Mlnarik
c866e8e6f9 Introduce index.ftl into base account theme
Fixes: #26487

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-02-06 14:29:07 +01:00
Alexander Schwartz
43c200a8ce Update migration guide
Closes #26490

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-05 14:41:44 +01:00
Kamesh Akella
4459ed66ad update cpu sizing based on the hashing changes
Closes #26490

Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
2024-02-05 14:41:44 +01:00
Michal Hajas
80de12d59a Update HA guides to use the new ISPN config options
Closes #26776

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-02-05 11:40:08 +01:00
Pascal Paulis
2785bbd29b
added comment about MySQL Server parameter sql_generate_invisible_primary_key
Closes #23268

Signed-off-by: Pascal Paulis <ppaulis@gmail.com>
2024-02-05 10:36:31 +01:00
Pedro Igor
4338f44955 Reviewing the user profile documentation
Closes #26154

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-02 17:14:51 +01:00
christian-2
e14b523a8d
Fixes typo in Server Administration guide (#26543)
Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>
2024-02-01 19:36:32 +01:00
mposolda
56a605fae7 Documentation for SuppressRefreshTokenRotationExecutor
closes #26587

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-01 17:18:50 +01:00
Martin Bartoš
14d97ca9ea Update Maven dependency versions for docs
Update Maven Wrapper version

Closes #26689

Fixes #26686

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-02-01 13:42:25 +01:00
Pedro Igor
3a7ce54266 Allow formating numbers when rendering attributes
Closes keycloak#26320

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-01 08:14:58 -03:00
Martin Kanis
a3fcacdab7 Map Store Removal: deprecate model legacy module
Closes #26598

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-31 17:40:45 +01:00
Steven Hawkins
66e45a335e
doc: noting the formats apply to spi options as well (#26648)
closes: #26468

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-31 16:09:47 +00:00
Steven Hawkins
f55e903092
Convert watching to polling and adding infinispan config file support (#26510)
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-31 12:57:34 +00:00
Alexander Schwartz
c1ae9a0817
Prevent blank after backslash which breaks shell execution (#26632)
Closes #26631

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-31 13:17:31 +01:00
Stian Thorgersen
bc3c27909e
Cookie Provider (#26499)
Closes #26500

Signed-off-by: stianst <stianst@gmail.com>
2024-01-26 10:45:00 +01:00
Martin Kanis
7797f778d1 Map Store Removal: Rename legacy modules
Closes #24107

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-25 16:29:16 +01:00
Thomas Darimont
e7363905fa Change password hashing defaults according to OWASP recommendations (#16629)
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2):

- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
  to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly

Fixes #16629

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-01-24 18:35:51 +01:00
Stian Thorgersen
fea49765f0
Remove Jetty 9.4 adapters (#26261)
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters

Closes #26255

Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 11:17:29 +01:00
Martin Kanis
84603a9363
Map Store Removal: Rename Legacy* classes (#26273)
Closes #24105

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-23 13:50:31 +00:00
Jon Koops
5bf2d4b6ec
Enable PKCE by default for Keycloak JS (#26412)
Closes #26411

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-23 14:04:13 +01:00
Thomas Darimont
cc7d6a9b79
Improve wording for Concepts for configuring thread pools in docs
Closes #26402

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-23 12:56:55 +00:00
Alexander Schwartz
e6cd9a2987
Remove product specific content about Linux only (#26222)
Closes #26220

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-22 10:38:07 +01:00
Pedro Ruivo
70b4c6bf52
Encrypt network communication in JGroups
Closes #25702 

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-18 17:24:27 +00:00
rmartinc
2f0a0b6ad8 Remove deprecated mode for saml encryption
Closes #26291

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-18 16:52:10 +01:00
Lex Cao
a960d0d8fa Add upgrading docs for changes to send-verify-email API
Closes #26146.

Signed-off-by: Lex Cao <lexcao@foxmail.com>
2024-01-18 09:48:01 +01:00
Ryan Emerson
ba76682590
Use the http-max-queued-requests option for load shedding in HA docs
Resolves #26223

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-01-17 15:44:08 +01:00
Alexander Schwartz
b9498b91cb
Deprecating the offline session preloading (#26160)
Closes #25300

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-16 09:29:01 +01:00
Luca Orlandi
d70dd9db67
Update placeholders for hostname and port (#24153)
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-11 12:05:05 +01:00
Kévin Martins
16dddfa49c
Complete the documentation for the use case of a resource from an email template. (#25705)
Signed-off-by: Kevin MARTINS <k.martins@ubitransport.com>
2024-01-10 18:08:04 -03:00
Alexander Schwartz
0f48027ffb Reduce internal unsupported options in the Keycloak HA documentation
Closes #26068

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-10 17:38:15 +01:00
AndyMunro
b875acbc20 Change RHDG to Infinispan
Closes #26083

Signed-off-by: AndyMunro <amunro@redhat.com>
2024-01-10 17:18:50 +01:00
rmartinc
179ca3fa3a Sanitize logs in JBossLoggingEventListenerProvider
Closes #25078

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-10 16:50:27 +01:00
Alexander Schwartz
4be4212dca
Remove conditionals about Linux vs. Windows (#26031)
Closes #26028

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-10 16:03:38 +01:00
Steven Hawkins
41dd1d2161
doc: adding notes about header priority (#25959)
closes: keycloak#23023

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-10 09:21:49 +01:00
Alexander Schwartz
01939bcf34
Remove concurrent loading of remote sessions as at startup time only one node is up anyway. (#25709)
Closes #22082

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Martin Kanis <martin-kanis@users.noreply.github.com>
2024-01-09 16:55:22 +01:00
andymunro
70e15bdaa4
Clarify note about containers
Closes #26006

Signed-off-by: AndyMunro <amunro@redhat.com>
2024-01-09 15:20:18 +01:00
shigeyuki kabano
8b65e6727b Creating documentation for Lightweight access token(#25743)
Closes keycloak#23725

Signed-off-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>
2024-01-09 09:48:20 +01:00
Pedro Igor
7fad0e805e
Improve brute force documentation around how the effective wait time is calculated
Closes #25915

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-01-09 07:50:17 +00:00
Sebastian Schuster
92d6da437b
Fixed tiny doc typo (#26012)
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
2024-01-09 08:02:02 +01:00
Douglas Palmer
58d167fe59 Deleting a User or User Group might cause that all users suddenly get the permissions of the deleted user.
Closes #24651
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-01-08 19:32:01 -03:00
Alexander Schwartz
badf3f461d Making metrics with labels for embedded Infinispan the default
Closes #25935

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-08 21:29:03 +01:00
Jon Koops
ddcaa6dcbf
Add release announcement and migration for new welcome theme (#25895)
Closes #25894

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-08 13:10:51 +00:00
Steven Hawkins
7bde7c30cc
fix: do not split on space for option errors (#25876)
closes #25783

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-05 13:01:17 +01:00
Pedro Igor
8ff9e71eae Do not allow verifying email from a different account
Closes #14776

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-01-05 12:45:07 +01:00
Ryan Emerson
60f80ce0c8
Update Route53 HA guide to be compatible with ROSA and OpenShift 4.14.x (#25900)
Closes #25733

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-04 17:45:32 +00:00
Pedro Ruivo
2c70b45205
High Availability Docs: use unbounded token for cross-site connection
Expirable tokens are more secure but it requires manual intervention to
create and share them when they expire.

I have updated the documentation to use non-expirable tokens.

Closes #25909

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-04 17:12:17 +00:00
Ben Cresitello-Dittmar
057d8a00ac Implement Authentication Method Reference (AMR) claim from OIDC specification
This implements a method for configuring authenticator reference values for Keycloak authenticator executions and a protocol mapper for populating the AMR claim in the resulting OIDC tokens.

This implementation adds a default configuration item to each authenticator execution, allowing administrators to configure an authenticator reference value. Upon successful completion of an authenticator during an authentication flow, Keycloak tracks the execution ID in a user session note.

The protocol mapper pulls the list of completed authenticators from the user session notes and loads the associated configurations for each authenticator execution. It then captures the list of authenticator references from these configs and sets it in the AMR claim of the resulting tokens.

Closes #19190

Signed-off-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org>
2024-01-03 14:59:05 -03:00
Steven Hawkins
667ce4be9e
enhance: supporting versioned features (#24811)
also adding a common PropertyMapper validation method

closes #24668

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-01-03 17:56:31 +01:00
Pedro Igor
ceb085e7b8 Update the UPDATE_EMAIL feature to rely on the user profile configuration when rendering templates and validating the email
Closes #25704

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-20 15:15:06 -03:00
Takashi Norimatsu
751cadc514 Documentation about Australia Consumer Data Right security profile
closes #25236

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2023-12-19 21:06:03 +01:00
Konstantinos Georgilakis
ba8c22eaf0 Scope parameter in Oauth 2.0 token exchange
Closes #21578

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
2023-12-18 15:44:26 -03:00
Pedro Igor
778847a3ce Updating theme templates to render user attributes based on the user profile configuration
Closes #25149

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-18 15:35:52 -03:00
Steven Hawkins
bee7595275
fix: adding the kube ca cert to the truststores
closes #10794

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2023-12-18 15:56:43 +01:00
Steven Hawkins
e148021a67
fix: adding filtering to ignore anything runtime during a build (#25434)
fix: adding filtering to ignore anything runtime during a build

closes: #25166

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-12-18 12:50:47 +00:00
Marek Posolda
be935c2763
Incorrect version of the fix in release notes (#25661)
closes #25660

Signed-off-by: mposolda <mposolda@gmail.com>
2023-12-18 11:56:58 +01:00
Takashi Norimatsu
59536becec Client policies : executor for enforcing DPoP
closes #25315

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2023-12-18 10:45:18 +01:00
AndyMunro
2853136bbb Remove topic on user attributes in Account Console
Closes #22555

Signed-off-by: AndyMunro <amunro@redhat.com>
2023-12-15 12:07:35 +01:00
Erwin Rooijakkers
860978b15a Change arg of getSubGroups to briefRepresentation
Parameter name briefRepresentation should mean briefRepresentation,
   not full. This way callers will by default get the full
   representation, unless true is passed as value for
   briefRepresentation.

   Fixes #25096

Signed-off-by: Erwin Rooijakkers <erwin@rooijakkers.software>
2023-12-14 17:23:27 +01:00
Steven Hawkins
08751001db
enhance: adds truststores to the keycloak cr (#25215)
also generally correcting the misspelling trustore

closes: #24798

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-12-14 11:15:06 -03:00
Václav Muzikář
e4c348e99e
Add new --proxy-headers option (#25178)
* Add new `--proxy-headers` option

Closes #23431

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>

* Address review comments vol. 03

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Address review comments vol. 04

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-13 10:48:12 -03:00
Pedro Igor
fa79b686b6 Refactoring user profile interfaces and consolidating user representation for both admin and account context
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-13 08:27:55 +01:00
Ryan Emerson
fc2120c881
Add docs for automating Infinispan CLI commands
Add docs for automating Infinispan CLI commands, Move Batch CR to its own concept

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-11 17:48:28 +01:00
Steven Hawkins
4db4982e9d
enhance: adding a start optimized flag (#25216)
closes: #25015



Update docs/guides/operator/customizing-keycloak.adoc
Update docs/documentation/release_notes/topics/24_0_0.adoc
Update operator/src/main/java/org/keycloak/operator/crds/v2alpha1/deployment/KeycloakSpec.java

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2023-12-11 16:15:16 +00:00
Steven Hawkins
ba3451ff2e
doc: adding a note about removing the (#25436)
closes: #25307

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-12-08 17:47:33 +01:00
Steven Hawkins
a04613e7ea
doc: adding a note about config expressions
Closes: #19831

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-12-06 19:29:47 +00:00
Alexander Schwartz
a08f112f79
Add links to guides and GitHub discussions (#25271)
This should increase the likelihood for feedback

Closes #25270

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-05 08:57:52 +01:00
Michal Hajas
d387f13525
Add tests for lb-check endpoint
Added documentation why the check retries and updated outdated docs

Closes #25113

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-04 08:53:37 +01:00
Michal Hajas
cafc238ff2
Add documentation for lb-check
Closes #25077

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-30 12:47:06 +00:00
Steven Hawkins
8c3df19722
feature: add option for creating a global truststore (#24473)
closes #24148

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-11-30 08:57:17 +01:00
Alexander Schwartz
dd5b9b1c36
Fix cross-links in guides and remove unprocessed content in include (#25126)
Closes #25090

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-30 08:17:23 +01:00
rmartinc
16afecd6b4 Allow automatic download of SAML certificates in the identity provider
Closes https://github.com/keycloak/keycloak/issues/24424

Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-29 18:03:31 +01:00
rmartinc
3bc028fe2d Remove lowercase for the hostname as recommended/advised by OAuth spec
Closes https://github.com/keycloak/keycloak/issues/25001

Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-29 10:26:00 -03:00
Takashi Norimatsu
29aec9c5b5 Documentation Inconsistency about Open Banking(Finance) Brasil FAPI security profile
closes #25108

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2023-11-29 07:39:51 -03:00
Stian Thorgersen
ccf9a50d4d
Add a doc with relevant links around CNCF (#24227)
* Add a doc with relevant links around CNCF

* Update docs/cnfc.md

* Update docs/cnfc.md

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>

---------

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2023-11-29 05:51:56 +01:00
Steven Hawkins
dacee3a36b
doc: adding a note that quoting all of the arguments no longer works (#25083)
closes #25018

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-11-28 14:31:47 +01:00
Jon Koops
48fc29a5c6
Use exports field for Keycloak JS (#24974)
Closes #24923

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2023-11-24 10:50:02 +01:00
Alexander Schwartz
68b33be655 Adress keycloak high-availability guide follow-up items
Closes #24975

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-23 17:12:46 +01:00
Stian Thorgersen
f41383a851
Release notes editorial for 23 (#24972)
Signed-off-by: stianst <stianst@gmail.com>
2023-11-23 13:34:45 +01:00
Alexander Schwartz
834ef79509
Adding a Keycloak High Availability section to Keycloak's docs
The content was moved over from the Keycloak Benchmark subproject.

Closes #24844

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Kamesh Akella <kakella@redhat.com>
Co-authored-by: Ryan Emerson <remerson@redhat.com>
Co-authored-by: Anna Manukyan <amanukya@redhat.com>
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: AndyMunro <amunro@redhat.com>
2023-11-23 12:27:47 +00:00
Martin Ledvinka
da260b386c Fix incorrect preview feature reference (keycloak#24966).
Closes #24966.

Signed-off-by: Martin Ledvinka <martin.ledvinka@fel.cvut.cz>
2023-11-23 12:48:00 +01:00
Jon Koops
e13d3264a2
Stop copying resources from Account v2 theme into 'common' (#24929)
Closes #24928

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2023-11-22 17:03:52 +01:00
mposolda
87c45437a5 Release notes for max auth age password policy
Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-22 07:35:09 +01:00
Marek Posolda
765e4838e9
Remove OIDC and SAML adapters for Wildfly/EAP ZIP downloads. Update documentation. (#24877)
* Update EAP documentation for OIDC and SAML (#24734)

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

(cherry picked from commit d7f2ad747d90dd0475a016fcfd528fea4ebed043)

Signed-off-by: Stian Thorgersen <stianst@gmail.com>

* Remove OIDC and SAML adapters for Wildfly/EAP ZIP downloads. Update documentation.
Closes #24713

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Stian Thorgersen <stian@redhat.com>

---------

Signed-off-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-11-21 14:22:00 +00:00
Václav Muzikář
15a83985b1 Implement load shedding
Closes #23340

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2023-11-21 13:43:09 +01:00
Steven Hawkins
4968c35536
fix: correcting the realmrepresentation link (#24869)
closes #22194

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-11-21 09:09:00 +01:00
Tomas Ondrusko
8ac6120274
Social Identity Providers documentation adjustments (#24840)
Closes #24601

Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>
2023-11-20 22:26:11 +01:00
Thomas Darimont
d30d692335 Introduce MaxAuthAge Password policy (#12943)
This policy allows to specify the maximum age of an authentication
with which a password may be changed without re-authentication.

Defaults to 300 seconds (default taken from Constants.KC_ACTION_MAX_AGE) to remain backwards compatible.
A value of 0 will always require reauthentication to update the password.
Add documentation for MaxAuthAgePasswordPolicy to server_admin

Fixes #12943

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2023-11-20 14:48:17 +01:00
Erik Jan de Wit
44a95c72f1
added namespace migration documentation (#24497)
fixes: #23061

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2023-11-20 14:11:38 +01:00
andymunro
7d62f6308d
Create an attribute for Getting Started (#24825)
* Create an attribute for Getting Started

Closes #24824

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-20 13:16:35 +01:00
Alexander Schwartz
2bb31b1bfc Fix DocsBuildDebugUtil signatures, and ensure it can be called from an IDE
Closes #24817

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-20 09:14:57 -03:00
rmartinc
5fad76070a Use LinkedIn instead of LinkedIn OpenID Connect for better UI experience
Closes https://github.com/keycloak/keycloak/issues/24659

Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-16 18:22:16 +01:00
Tomas Ondrusko
fe48afc1dc Update Social Identity Providers documentation (#24601)
Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>
2023-11-16 17:58:53 +01:00
andymunro
d4cee15c3a
Correct Securing Apps Guide (#24730)
* Correcting Securing Apps guide

Closes #24729

Signed-off-by: AndyMunro <amunro@redhat.com>

* Update docs/documentation/securing_apps/topics/saml/java/general-config/sp_role_mappings_provider_element.adoc

Co-authored-by: Stian Thorgersen <stian@redhat.com>

---------

Signed-off-by: AndyMunro <amunro@redhat.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-11-14 11:04:55 +01:00
AndyMunro
20f5edc708 Addressing Server Admin review comments
Closes #24643

Signed-off-by: AndyMunro <amunro@redhat.com>
2023-11-13 15:48:02 +01:00
Alexander Schwartz
1b12fe132b Update documentation for removal of the map store
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>

Closes #24092
2023-11-13 15:38:05 +01:00
vramik
71b6757c2f Remove quarkus options related to map store
Signed-off-by: vramik <vramik@redhat.com>

Closes #24098
2023-11-13 12:34:52 +01:00
Alexander Schwartz
8acb6c1845 Fix broken link to node.js and internal anchor
Closes #24699

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-13 12:20:54 +01:00
andymunro
bf17fcc0be
Fix broken links (#24476) 2023-11-13 09:17:34 +01:00
Hynek Mlnarik
f557b2c88c Transient sessions: Documentation
Closes: #24278
Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2023-11-10 11:22:04 +01:00
Stian Thorgersen
565bc7d664
Add attributes.adoc for guides to share common attributes (#24519) 2023-11-08 15:09:04 +01:00
mposolda
4ec85707f4 Upgrading notes for user profile
closes #24491

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-06 02:19:26 -08:00
AndyMunro
a4b5d66aa0 Minor fixes for FIPS and Operator Guide
Closes #24513
2023-11-03 11:00:55 +01:00
vramik
593c14cd26 Data too long for column 'DETAILS_JSON'
Closes #17258
2023-11-02 20:29:35 +01:00
AndyMunro
9ef9c944d0 Minor changes to documentation
Closes #24456
2023-11-01 22:14:11 +01:00
mposolda
70e820469a Updating release notes for Keycloak 23 with some 'core features' improvements
closes #23971

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-01 17:39:02 +01:00
rokkiter
e1735138cb
clean util * (#24174)
Signed-off-by: rokkiter <yongen.pan@daocloud.io>
2023-11-01 17:14:11 +01:00
Kohei Tamura
e96d6b38a8
Correct the value of option --cache-stack (#24338) 2023-11-01 12:57:06 +01:00
Ivan Atanasov
7b0683879d Updated documentations to mention Resteasy reactive migration
Closes #23444
2023-10-31 20:59:12 +01:00
Justin Tay
3ff0476cc3 Allow customization of aud claim with JWT Authentication
Closes #21445
2023-10-31 11:33:47 -07:00
rmartinc
7deb4ca545 Group count and PartialExport permission fixes
Closes https://github.com/keycloak/keycloak/issues/12171
2023-10-31 01:40:21 -07:00
Jon Koops
5464205ab2
Cache Node.js installation and PNPM store
Closes #23695
2023-10-30 07:50:06 -04:00
Axel Bocciarelli
427f7230f3
Fix typo in available-endpoints.adoc (#24378) 2023-10-30 09:53:33 +00:00
rmartinc
ea398c21da Add a property to the User Profile Email Validator for max length of the local part
Closes https://github.com/keycloak/keycloak/issues/24273
2023-10-27 15:09:42 +02:00
Hynek Mlnařík
3f55cd72d7 Docs: Fix account name
Closes: #24341
2023-10-27 09:32:27 +02:00
Alice
69497382d8
Group scalability upgrades (#22700)
closes #22372 


Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2023-10-26 16:50:45 +02:00
Thomas Darimont
d56baa80b3
Add support for passing acr_values in auth requests in keycloak.js (#9383) (#24259)
Fixes #9383
2023-10-25 15:33:39 +02:00
Marek Posolda
1bd6aca629
Remove RegistrationProfile class and handle migration (#24215)
closes #24182


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-10-24 20:19:33 +02:00
Takashi Norimatsu
1c8cddf145 passkeys: documentation
closes #23660
2023-10-24 14:48:13 +02:00
Joshua Sorah
e889d0f12c
[docs] Update Docker Registry links to new locations. (#24193)
Closes keycloak/keycloak#24179
2023-10-23 08:27:36 +02:00
Stephen Morris
17389e6e29
Fixed some typographical and language usage issues in fips.adoc (#24056)
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-10-20 10:02:47 +02:00
Alexander Schwartz
a3c29b8880
Tidy up documentation around Windows/Linux usage (#23859)
Closes #23856
2023-10-17 10:41:44 +02:00
AndyMunro
7dda393120 Make minor changes to Getting Started
Closes #23951
2023-10-16 17:47:55 +02:00
Václav Muzikář
b3be89de9b Remove mentions of Crunchy Operator from docs
Closes #24007
2023-10-16 17:36:02 +02:00
Jon Koops
d32aac9dee
Remove unused GitHub workflow files from docs (#24011) 2023-10-16 13:15:43 +02:00
andymunro
6074cbf311
Limit Admin CLI windows support to upstream
Closes #23946

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-10-13 12:08:11 +02:00
Kohei Tamura
2df2aed044
Fix incorrect description of offline session (#23964) 2023-10-13 11:08:57 +02:00
Steven Hawkins
478ceb0b34
modification of kc.sh to remove param eval (#22585)
* test

* modification of kc.sh to remove eval of env/args

Closes #22337

---------

Co-authored-by: rmartinc <rmartinc@redhat.com>
2023-10-12 17:10:53 +02:00
Václav Muzikář
db7ca7fb66 Update Operator product documentation
Closes #23862
2023-10-11 18:23:31 +02:00
Alexander Schwartz
e672ea4f8e
Simplify the docs referencing the container registry (#23874)
Closes #23873
2023-10-11 08:53:28 +02:00
Alexander Schwartz
521db012f3 Fixing missing import for guide
Closes #23800
2023-10-10 15:44:55 -03:00
AndyMunro
c64a3fe7bb Add disclaimer about Kubernetes
Closes #23800
2023-10-10 18:58:12 +02:00
Yoshikazu Nojima
058d00fea8 Rewrite mention to add-user-keycloak since it was already removed 2023-10-05 16:56:31 -03:00
andymunro
469c306cd5
Remove recommendation to file a GitHub issue (#23712)
#Close 23711
2023-10-05 07:42:37 +02:00
andymunro
1332e53a97
Code certain features as upstream only (#23603)
Closes #23581
2023-10-03 14:50:23 -04:00
Alex Szczuczko
fbae2251e1
Add setup erase command to example for adding more RPMs to the server container (#23639)
Closes #23637
2023-10-03 09:06:55 +02:00
Martin Bartoš
c9d93019c2
Remove deprecated auto-build CLI option (#23361)
Closes #23360
2023-09-27 18:56:38 +02:00
Marek Posolda
69466777c0
Clarify transient sessions documentation (#23328)
Closes #23044


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-09-27 15:14:52 +02:00
Joshua Sorah
778abf8597 Add references to OAuth 2.0 Security Best Practices for Implicit and
ROPC flow, reformat Device Auth section.

Apply suggestions from code review

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

Closes keycloak/keycloak#23480
2023-09-27 11:43:57 +02:00
Anil-Shanker
b031aba429
Update configuration.adoc (#23461)
Fix minor typo in "Configuring Keycloak" docs page

Closes #23460
2023-09-22 06:26:44 +00:00
Steven Hawkins
7d1e9a783f
adds a default domain on openshift if one is not specified (#23324)
Closes #21741
2023-09-21 14:43:29 +02:00
Alexander Schwartz
5070f41007
Ignoring link for stackapps registration (#23347)
It now requires authentication.

Closes #23345
2023-09-21 12:44:45 +02:00
mposolda
d4a793be64 Update FIPS 140-2 documentation to clarify default keystore format
closes #23053
2023-09-20 16:15:32 -03:00
Alexander Schwartz
227b841c4a
Show images in the documentation in the IDE's preview (#23055)
Closes #23054
2023-09-19 11:28:48 +02:00
Alexander Schwartz
41fd12d20a
Prevent exception in the log (#22201)
Also speed up the external link check by avoiding checking each bug submission link in the rendered docs which only differs by its parameter.

Closes #22200
2023-09-19 11:04:01 +02:00
MorgeMoensch
95ecf446ca
Link to AdminGuide from REST-API Doc instead of just referencing it by text (#23286) 2023-09-15 14:43:29 +02:00
Martin Bartoš
3a3df50f74
Improve documentation about manual database migration (#23247)
Closes #23246
2023-09-15 10:41:33 +02:00
ImFlog
f4ec14c3fe doc(js-providers): Add OIDC object mapper documentation 2023-09-14 11:42:06 -03:00
Andreas Blaettlinger
86c0e338d9 Toggle visibility of password input fields in login-ftl-based pages
Closes #22067
2023-09-14 08:04:35 -03:00
Stian Thorgersen
1194c2507d
Add 22.0.3 to release notes (#23238)
Closes #23235
2023-09-14 11:06:06 +02:00
Pedro Igor
5958c7948d
Ignore attributes when they are not prefixed with user.attributes prefix (#23184)
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: stianst <stianst@gmail.com>
2023-09-14 10:35:47 +02:00
Rohan gupta
efe1adc0b1
Windows Command - need to use the backward Slash (#23196) 2023-09-13 09:50:42 +02:00
mposolda
b10da3d3b5 Move email validation change docs to migration guide of 22.0.4
closes #23177
2023-09-13 08:39:30 +02:00
Marek Posolda
56b94148a0
Remove bearer-only occurences in the documentation when possible. Mak… (#23148)
closes #23066


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-09-12 09:38:19 +02:00
mposolda
36dd9cb937 Move email validation change docs to migration guide of 22.0.3
closes #23124
2023-09-11 21:03:34 +02:00
Jon Koops
82bf84eb6b Fix broken redirect in con-advanced-settings.adoc
Closes #23134
2023-09-11 11:46:54 +02:00
kaustubh-rh
62927433dc
Fix for Keycloak 22.0.1 unable to create user with long email address (#23109)
Closes #22825
2023-09-11 08:56:13 +02:00
rmartinc
7da52a43bd Add old LinkedIn provider to the deprecated profile
Closes https://github.com/keycloak/keycloak/issues/23067
2023-09-08 10:05:17 +02:00
Alexander Schwartz
2eb37dbe4f Remove MS SQL JDBC driver from the Keycloak product
Closes #22983
2023-09-07 15:30:34 +02:00
Alexander Schwartz
f086e008dc
Update dependencies to enable Maven also-make working for Quarkus (#23020)
Closes #23019
2023-09-07 13:15:20 +02:00
Christoph Schulz
51d19c505b
Add indent mentioned beforehand in Preface (#23036) 2023-09-07 08:14:23 +02:00
Martin Bartoš
6ca78b7554 Return Oracle JDBC driver to the upstream
Closes #22999
2023-09-06 19:11:29 +02:00
rmartinc
8887be7887 Add a new identity provider for LinkedIn based on OIDC
Closes https://github.com/keycloak/keycloak/issues/22383
2023-09-06 16:13:31 +02:00
andymunro
166e2e4c91
Use screenshot showing fast (#22873)
Closes #22871
2023-09-01 08:54:00 +02:00
Pedro Igor
13e5a02b9f Role mappers must return a single value when they are not multivalued
Closes #20218
2023-08-31 19:16:12 +02:00
Steven Hawkins
5fc4dd03ad
removes direct operator installation for the product (#22828)
Closes #22829
2023-08-30 18:21:38 +02:00
andymunro
228da84385
Blank Java section in Securing Apps
Closes #22800
2023-08-30 13:48:12 +02:00
mposolda
57e51e9dd4 Use an original domain name of Kerberos Principal in UserModel attribute instead of configured value of Kerberos realm in User federation
closes #20045
2023-08-30 13:24:48 +02:00
Martin Bartoš
7c013e8d48
Add a Maven profile to remove GELF support (#22615)
Closes #22515

Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
2023-08-29 17:03:08 +00:00
Marek Posolda
6f989fc132
Fallback to next LDAP/Kerberos provider when not able to find authenticated Kerberos principal (#22531)
closes #22352 #9422
2023-08-29 11:21:01 +00:00
Martin Bartoš
430c883eda Provide support for determining community/product guides
Closes #22762
2023-08-29 13:13:03 +02:00
Steve Mokris
b776746455
Update health.adoc to link to the Quarkus SmallRye Health docs (#22324) 2023-08-25 16:48:52 +00:00
Erick G. Hagstrom
afaa8c2db9
Fix ambiguity about custom providers in containers.adoc (#22162)
Amplified the explanation of how to include custom providers in a Dockerfile.

Added code to provide context.

Closes #22161

Co-authored-by: Erick G. Hagstrom <erick.hagstrom@innovationhub-act.org>
2023-08-23 09:19:22 +02:00
Martin Bartoš
fcf65389ea
Remove Oracle Database JDBC driver from the Keycloak distribution (#22577)
* Remove Oracle Database JDBC driver from the Keycloak distribution

Closes #22452

* Remove profile for proprietary Oracle JDBC driver

---------

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-08-21 15:13:49 +00:00
Alexander Schwartz
b99eb52cee Fix mis-alignment of table and enforce checks on AsciiDoc during build
Closes #22518
2023-08-17 13:35:57 -03:00
AndyMunro
bbeac9d533 Address Getting Started review
Closes #22500
2023-08-17 15:06:15 +02:00
Alexander Schwartz
bcfadfc430 Use Freemarker links between different guide pages
Closes #22345
2023-08-16 16:32:08 +02:00
Alexander Schwartz
8652adfe63 Fix layout of tables in the new guides
Closes #22405
2023-08-14 17:16:04 +02:00
Václav Muzikář
bcb99e63f7 Fix building instructions
Closes #22320
2023-08-08 16:39:14 -03:00
Marek Posolda
4900165691 Update docs/documentation/server_admin/topics/clients/oidc/con-advanced-settings.adoc
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-08-08 09:47:28 +02:00
mposolda
710f28ce9e DPoP release notes and documentation polishing
closes #21922
2023-08-08 09:47:28 +02:00
Takashi Norimatsu
e46de8afeb DPoP documentation
closes #21917
2023-08-04 09:24:21 +02:00
Marek Posolda
d954dfec5e
Release notes and documentation for FAPI 2 (#22228)
Closes #21945


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-08-04 08:21:27 +02:00
Peter Zaoral
c5d9e222db Update OCP4 Social IdP example setup in the latest docs
* improved openshift.adoc

Closes #22159

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-08-03 18:57:08 +02:00
rmartinc
05bac4ff0e Remove option Nerver Expires for tokens in Advanced OIDC client configuration
Closes https://github.com/keycloak/keycloak/issues/21927
2023-08-03 12:16:08 +02:00
Alexander Schwartz
5c6df3d26e
Ignore new NodeJS redirect (#22187)
Closes #22186
2023-08-03 11:01:33 +02:00
Šimon Vacek
bbc66ad580
Fixed outdated documentation for building Keycloak (#22157)
Co-authored-by: Simon Vacek <svacek@redhat.com>
2023-08-01 17:16:50 +02:00
Alexander Schwartz
748c53df7f
Use Java mechanisms to read language files and default to UTF-8 (#21755)
Closes #21753
2023-08-01 11:27:10 +02:00
aghArdeshir
e64269de70
Remove duplicated description of Scope in JavaScriptAdapter docs (#22084)
The first one had more information than the second one, so I removed the second one altogether
2023-07-31 08:23:41 +00:00
Peter Zaoral
8ad6bc49a3
Hostname guide improvements (#21846)
* changed hostname.adoc

Closes #20931

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>, Václav Muzikář <vaclav@muzikari.cz>
2023-07-28 17:38:07 +02:00
Alexander Schwartz
08dfdffbfb
Fixed updated links for freeipa (#22040)
Closes #22039
2023-07-28 07:31:03 +02:00
Vlasta Ramik
29b67fc8df
Inconsistent Wildcard handling for JPA (#21671)
* Inconsistent Wildcard handling for JPA

Closes #20610

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-07-27 17:03:22 +02:00
Alexander Schwartz
08838f77ca Adding Maven Build Cache Extension as opt-in feature
Closes #20882
2023-07-24 13:07:15 +02:00
Takashi Norimatsu
2efd79f982 FAPI 2.0 security profile - supporting RFC 9207 OAuth 2.0 Authorization Server Issuer Identification
Closes #20584
2023-07-24 09:11:30 +02:00
David Bister
9420670f14 Update regex password policy to state the specific type of regex to be used.
Closes #21652
2023-07-14 16:32:37 +02:00
Stian Thorgersen
304897b226
Fix links to quickstarts (#21639)
Closes #21637
2023-07-12 14:03:49 +02:00
stianst
a2100d18d4 Enable 22 migration docs
Closes #21629
2023-07-12 13:27:40 +02:00
Pedro Igor
702495fe22
Remove adapters from product documentation (#21177)
Closes #21176
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2023-07-11 13:32:52 +02:00
Stian Thorgersen
1e7fbd1312
Fix links in docs (#21585) 2023-07-11 11:04:46 +00:00
Stian Thorgersen
41a599144d
Add documentation for configuring KeycloakServer (#21591) 2023-07-11 12:59:10 +02:00
Stian Thorgersen
3d33878c33
Update release notes for 22 (#21583)
* Updates to release notes

* Fix
2023-07-11 11:02:45 +02:00
Alexander Schwartz
8bdfb8e1b6 Updating performance information on export/import
Closes: #20703
2023-07-07 09:43:59 -03:00
Alexander Schwartz
3f1553c6cb Referencing information in pom.xml for the list of tested databases
Closes: #21349
2023-07-06 11:39:11 -03:00
Justin Stephenson
4ece83dd3d
Update freeipa container image to quay.io (#19729) 2023-07-06 14:04:05 +02:00
Ronald Petty
9e68f80377
Update keys.adoc as Field is in prior section (#21012) 2023-07-06 12:50:10 +02:00
Thomas Darimont
637fa741b0
Align naming of OTP policy window setting with actual semantics (#20469) (#21316)
Closes #20469
2023-07-04 12:41:21 +02:00
rmartinc
09e30b3c99 Support for JWE IDToken and UserInfo tokens in OIDC brokers
Closes https://github.com/keycloak/keycloak/issues/21254
2023-07-03 21:25:46 -03:00
Kibubu
51b3906f9d Fix docs to create IAT
The docs mention an outdated path to create initial access tokens.

Fixed by guiding users to the right page
2023-07-03 20:47:41 -03:00
mposolda
0ea2891eee Remove support for OpenJDK 11 on the server side
closes #15014
2023-07-03 13:12:22 -03:00
Martin Bartoš
ee205c8fbc
Enable IPv6 dualstack support by default (#21340)
Closes #15003
2023-07-03 13:35:33 +00:00
Miquel Simon
83d043e7a8
Upgrade supported and tested version of Postgresql to 15 in order to match supported configuration for Keycloak 22. (#21333)
Closes #21338
2023-06-30 11:29:06 +00:00
Daniele Martinoli
e2ac9487f7
Conditional login through identity provider (#20188)
Closes #20191


Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-06-29 18:44:15 +02:00
Joshua Sorah
e945a056bb [docs] Update saml.xml.org link from http to https
closes keycloak/keycloak#21317
2023-06-29 18:24:14 +02:00
Joshua Sorah
8323e91f56 [docs] Update Native App redirect URI recommendtation from localhost to
127.0.0.1

Closes keycloak/keycloak#21300
2023-06-29 11:05:33 +02:00
Steven Hawkins
88992dae19
widens status to be any type. (#21281)
this is to avoid olm complaining about an incompatible schema during
upgrade

Relates to #13074
2023-06-29 08:57:22 +02:00
Ricardo Martin
1973d0f0d4 Check the redirect URI is http(s) when used for a form Post (#22)
Closes https://github.com/keycloak/security/issues/22

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-06-28 17:52:48 -03:00
Steven Hawkins
e9c9f80e8d
adds an instance label to support multiple instances (#20906)
Closes #10562 #14220
2023-06-28 18:05:23 +02:00
Boris Kheyfets
e80107757f Update getting-started-zip.adoc
https://www.keycloak.org/docs/21.0.1/release_notes/index.html#java-11-support-for-keycloak-server-deprecated
2023-06-28 15:49:10 +02:00
Hynek Mlnarik
b8149d66ca Remove ldapsOnly (console and docs)
Closes: #9313
2023-06-28 08:30:09 +02:00
Hynek Mlnarik
c092c76ae8 Remove ldapsOnly (Java)
In `LDAPConstants.java`, the function to set the Truststore SPI system property was removed, as this is now handled by the `shouldUseTruststoreSpi` method in `LdapUtil`.

Closes: #9313
2023-06-28 08:30:09 +02:00
Douglas Palmer
59e1a5d992 Custom theme - url.resourcesCommonPath references wrong theme
closes #20085
2023-06-28 08:25:44 +02:00
Stian Thorgersen
4fcb154d36
Add removal of account console v1 to release notes (#21212)
* Add removal of account console v1 to release notes

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

---------

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-28 07:52:10 +02:00
Joshua Sorah
c28eba6382 Fix failing External Link Checks
Update URLs that are just redirects to another page.
Point to RFC 7517 for JWK draft docs that were hosted on personal site

Closes keycloak/keycloak#21263
2023-06-27 20:58:17 +02:00
zyairzy
bdb4dd8070
Support passing in locale option to init() (#11760)
Closes #11759
2023-06-27 07:19:13 +00:00
Steve Hawkins
6a92669139 finishes the conversion away from createOrReplace
however this is a broader change given the implications of
serverSideApply vs createOrReplace - mostly the concern of only applying
the managed state not based upon an existing resource

Closes #20850
2023-06-23 11:55:47 -03:00
Steven Hawkins
fc0be1a65b Update docs/documentation/release_notes/topics/22_0_0.adoc
Co-authored-by: Peter Zaoral <pepo48@gmail.com>
2023-06-21 17:14:33 -03:00
Steve Hawkins
5701f70157 changes condition status to be a string, rather than a boolean
Closes #13074
2023-06-21 17:14:33 -03:00
Gilvan Filho
2493f11331 count users by custom user attribute
closes #14747
2023-06-21 11:56:22 -03:00
Stan Silvert
513c00bcd9
Remove unused feature flags. (#21039)
* Remove unused feature flags.
Fixes #20944
Fixes #20943

* Update release notes.

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

---------

Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-06-20 15:02:22 -04:00
Marek Posolda
a6ad701b5e
Update securing_applications guide for latest adapter changes (community) (#20995)
closes #20994


Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-20 09:21:47 +02:00
rmartinc
20121ee9da Update docs and tooltips for lifespan and idle timeout changes
Closes https://github.com/keycloak/keycloak/issues/20791
2023-06-20 09:01:32 +02:00
Hynek Mlnařík
6b1f08ce26 Update docs/guides/server/keycloak-truststore.adoc
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-20 07:47:10 +02:00
Hynek Mlnarik
25e73827f3 Documentation on LDAP secure connection
Closes: #12018
2023-06-20 07:47:10 +02:00
Daniele Martinoli
d9b271c22a
Extends the conditional user attribute authenticator to check the attributes of the joined groups (#20189)
Closes #20007
2023-06-19 15:22:35 +02:00
Jon Koops
651a7f29fc
Promote Account Console v3 to preview (#20969) 2023-06-15 12:24:01 -04:00
vramik
535bba5792 Update UserQueryProvider methods
Closes #20438
2023-06-12 16:04:26 +02:00
Vlasta Ramik
ed473da22b
Clean-up of deprecated methods and interfaces
Fixes #20877

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-09 17:11:20 +00:00
Réda Housni Alaoui
eb9bb281ec Require user to agree to 'terms and conditions' during registration 2023-06-08 10:39:00 -03:00
Marek Posolda
8080085cc1
Removing 'http challenge' authentication flow and related authenticators (#20731)
closes #20497


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-08 14:52:34 +02:00
Peter Zaoral
f4cc6d7b76 Update the docs
* updated the release notes
* updated the FIPS guide

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-06-07 09:23:12 -03:00
Václav Muzikář
0c2ac4f776
Remove mentions of temporary support for Java EE Admin Client (#20807) 2023-06-06 15:39:56 -03:00
Steven Hawkins
d045156ba4
Adding the ability to set ingressClassName (#20796)
Closes #20723
2023-06-05 21:10:39 +00:00
Matthew Helmke
6ce9676d68 Update docs/documentation/internal_resources/contributing.adoc
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-02 07:58:59 -03:00
Matthew Helmke
4761ac1587 Update contributing.adoc
Just fixed a link that went stale when the docs moved from their own repo into the main one.

Oh, and hello!! :D
2023-06-02 07:58:59 -03:00
Martin Kanis
43a2eb40f1 Documentation for User Storage Spi is incorrect
Closes #19763
2023-06-01 10:05:57 +02:00
Pedro Igor
53dfb44a8f
Migration guide for JAX-RS changes (#20659)
Closes #keycloak/keycloak#15454
2023-05-31 13:50:34 +00:00
Takashi Norimatsu
a29c30ccd5 FAPI 2.0 security profile - not allow an authorization request whose parameters were not included in PAR request
closes #20623
2023-05-31 14:02:44 +02:00
vramik
a175efcb72 Split UserQueryProvider into UserQueryMethods and UserCountMethods and make LdapStorageProvider implement only UserQueryMethods
Co-authored-by: mhajas <mhajas@redhat.com>

Closed #20156
2023-05-31 11:47:54 +02:00
stianst
0832992e59 Removing OpenShift integration and moving to separate extension
closes #20496

Co-authored-by: mposolda <mposolda@gmail.com>
2023-05-30 17:39:32 +02:00
Pedro Igor
9ad295a3bc Add back examples for Kubernetes and Openshift to the quickstarts
Closes #20635
2023-05-30 15:32:08 +02:00
Stefan Guilhen
27e79fb025 Fix LDAP user synchronization documentation
Closes #16833
2023-05-30 13:36:34 +02:00
Pedro Igor
b41904bf04 Update release notes on adapter deprecation 2023-05-29 09:47:33 -03:00
Yoshiyuki Tabata
bd37875a66 allow specifying format of "permission" parameter in the UMA grant token
endpoint (#15947)
2023-05-29 08:56:39 -03:00
Peter Zaoral
34e5884415
SmallRye Keystore (#20375)
* added integration with SmallRye Keystore (keycloak#19281)

Closes #11089

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-05-25 17:36:20 +02:00
Doctor-love
6598bb043b
Update example custom cache configuration for v>21 (#17289)
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>

Closes #20550
2023-05-24 20:26:25 -03:00
Peter Zaoral
72b238fb48
Keystore vault (#19644)
* KeystoreVault SPI

* added KeystoreVault - a Vault SPI implementation (#19281)

Closes #17252

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-05-24 16:20:30 +00:00
Andre Nascimento
c8d418d50b Update of the Server Development doc about how 'User Storage Providers' must adhere to Quarkus.
Closes #19156
2023-05-24 08:41:17 -03:00
mposolda
2672c47bc8 Docs note about manually delete themes cache
closes #19675
2023-05-23 08:53:27 +02:00
Marek Posolda
d7d6b83bd6
Fix the documentation about default themes (#20488)
closes #17130


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-05-22 19:09:01 +02:00
vramik
fd6a6ec3ad Make LDAP searchForUsersStream consistent with other storages
Co-authored-by: mhajas <mhajas@redhat.com>

Closes #17294
2023-05-19 08:40:41 +02:00
Marek Posolda
908ba027b6
More docs clarification for script authenticator (#20444)
* More docs clarification for script authenticator
closes #20009


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-05-18 17:41:28 +02:00
Hynek Mlnařík
41cf72d57f
Add note about preserving ID in imports
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-05-18 13:23:07 +02:00
Václav Muzikář
c30b234bbb Reorder chapters in server guide
Closes #20354
2023-05-17 15:31:52 -03:00
Martin Bartoš
812a6c0b99
Improve readability of Operator guides (#20093)
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-05-17 17:34:32 +02:00
danielFesenmeyer
d543ba5b56 Consistent message resolving regarding language fallbacks for all themes
- the prio of messages is now as follows for all themes (RL = realm localization, T = Theme i18n files): RL <variant> > T <variant> > RL <region> > T <region> > RL <language> > T <language> > RL en > T en
- centralize the message resolving logic in helper methods in LocaleUtil and use it for all themes, add unit tests in LocaleUtilTest
- add basic integration tests to check whether realm localization can be used in all supported contexts:
  - Account UI V2: org.keycloak.testsuite.ui.account2.InternationalizationTest
  - Login theme: LoginPageTest
  - Email theme: EmailTest
- deprecate the param useRealmDefaultLocaleFallback=true of endpoint /admin/realms/{realm}/localization/{locale}, because it does not resolve fallbacks as expected and is no longer used in admin-ui v2
- fix locale selection in DefaultLocaleSelectorProvider that a supported region (like "de-CH") will no longer selected instead of a supported language (like "de"), when just the language is requested, add corresponding unit tests
- improvements regarding message resolving in Admin UI V2:
  - add cypress test i18n_test.spec.ts, which checks the fallback implementation
  - log a warning instead of an error, when messages for some languages/namespaces cannot be loaded (the page will probably work with fallbacks in that case)

Closes #15845
2023-05-17 15:00:32 +02:00
rmartinc
fdd5e51dbc SSSD documentation updated for quarkus distribution
Closes https://github.com/keycloak/keycloak/issues/20263
2023-05-16 14:26:04 +02:00
Takashi Norimatsu
7f5e94db87 KEYCLOAK-19539 FAPI 2.0 Baseline : Reject Implicit Grant 2023-05-16 14:17:29 +02:00
Martin Kanis
31557f649f Update documentation on user storage provider in Quarkus
Closes #17394
2023-05-16 11:57:26 +02:00
Alexander Schwartz
943b8a37d9
Replace guide with a placeholder for downstream docs (#20266)
Closes #20256
2023-05-16 08:59:11 +02:00
Alexander Schwartz
8cfe8b1411
Update the docs on passthrough proxy (#20072)
Closes #20070
2023-05-15 15:44:47 +00:00
Martin Bartoš
b64260bce5
Jakarta EE and Quarkus 3 upgrade documentation (#20131)
Closes #16251

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-05-15 17:20:04 +02:00
AndyMunro
3443739336 Fix headings in Server Developer guide
Closes #20216
2023-05-15 16:49:29 +02:00
Jon Koops
04ab848003
Rework merging of message bundles for localization of Admin Console (#20183)
Closes #20182
2023-05-11 14:23:10 -04:00
Martin Bartoš
39d24bd04d
Migration guide for Keycloak admin client (#20091) 2023-05-10 09:22:33 +02:00
Joshua Sorah
67cc6bfa7c [docs] Add Keycloak JIRA login redirect to allow list.
Modify the ignored-link-redirects to include a regex that covers the Keycloak JIRA login redirect.

This will prevent the tests from failing due to seeing the login redirect.

Closes keycloak/keycloak#20259
2023-05-09 21:08:57 +02:00
vibrown
5aef59acd8 Changed references to Jira issues to Github issues
Closes #19136
2023-05-09 08:54:25 +02:00
Jon Koops
1d2a98d747
Modernize documentation of JavaScript adapter (#20081)
Closes #19792

Co-authored-by: Andrew Munro <amunro@redhat.com>
2023-05-08 08:21:53 -04:00
Martin Bartoš
960e3503ec
Artifact SLF4J LOG4J-12 has been relocated (#20113) 2023-05-05 13:57:45 +02:00
Alexander Schwartz
8573c667a4
Replace guide with a placeholder for downstream docs (#20149)
Closes #20148
2023-05-04 11:04:44 +02:00
Stian Thorgersen
19d7dc69f7
Fix links (#20147) 2023-05-04 10:27:52 +02:00
Alexander Schwartz
75ea22bad2
Remove latest vs. archive document header (#20103)
This is done as the docs are no longer built twice.

Closes #19974
2023-05-03 09:16:34 +00:00
Alexander Schwartz
ff284182ba
Fix the links to the docs which have three groups starting from KC19 (#20035)
Relates to #19974
2023-05-03 08:58:52 +02:00
mposolda
85d2c41a62 Switch FIPS automated test to ubi8 instead of ubi9
closes #19977
2023-04-27 12:06:21 +02:00
xiyang
40cc3a0394 Update building.md
build keycloak-js-adapter-jar error, requires Maven version >= 3.6.0
2023-04-27 11:20:26 +02:00
mposolda
a3f2ebb193 Ability to override default/built-in providers with same providerId. Using ProviderFactory.order() for choosing priority providers
Closes #19867
2023-04-25 18:04:58 +02:00
Jon Koops
5cfa4bedfd
Remove function-style constructor from Keycloak JS (#19912) 2023-04-24 12:24:33 +00:00
Alexander Schwartz
4f8d67c9fc All commands now auto-reaugment except show-config
Closes #15782
Closes #15898
Closes #17498
2023-04-21 15:06:51 +02:00
ikhomyn
84a7b57059
fix db for openshift 2023-04-21 12:36:41 +00:00
Andre Nascimento
a7153af7b0 Port of the custom extension 'Hostname Debug Tool' to Keycloak.
Co-authored-by: stianst <stian@redhat.com>

Closes #15910
2023-04-21 13:53:33 +02:00
Stian Thorgersen
6b3eb46314
Fix setting versions for docs (#19826)
Closes #19801
2023-04-20 09:07:05 +02:00
Stian Thorgersen
2484e87ffc
Update 21_1_0.adoc 2023-04-20 08:23:54 +02:00
AndyMunro
687c3868c1 Refining Configuring Keycloak guide
Closes #17495
2023-04-19 17:53:46 +02:00
andymunro
30ce2d1e5b
Improve key rotation section (#19168)
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-04-19 11:04:13 -03:00
buti1021
8a4af59ccb
new link for edit this section button (#19680) 2023-04-18 08:42:51 +02:00
Alexander Schwartz
76ee1be76c
Introducing attribute 'section' to support different naming upstream/downstream (#19547)
Closes #19546
2023-04-17 08:44:34 +02:00
Stian Thorgersen
feb20de2ef
Update release notes for 21.1 (#19718)
* Update release notes for 21.1

* Update docs/documentation/release_notes/topics/21_1_0.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

* Update docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/release_notes/topics/21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

---------

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-04-14 16:04:44 +02:00
Jon Koops
37e46f3551
Refer to Account Console features by version number (#19716) 2023-04-14 10:48:36 +00:00
Jon Koops
a2eb619e0e
Include Account Console version 3 as a theme (#19641) 2023-04-13 09:41:40 -04:00
mposolda
863d28e232 Promote FIPS 140-2 to supported in Keycloak 22
closes #17234
2023-04-12 15:29:54 +02:00
mposolda
087d1a3be8 Remove unused and outdated page for user federation mapper
closes #19128
2023-04-12 15:21:41 +02:00
mposolda
d89c81fec4 Authentication flows first paragraph seems incomplete
closes #19126
2023-04-12 15:21:03 +02:00
little-pinecone
783cf00f3e Add example for mapping role names between Keycloak and Spring Boot
* use SimpleAuthorityMapper as an example mapper
* show how to convert role names to upper case
* document that the default prefix for that mapper maps role names properly

Closes #19535
2023-04-05 11:04:54 -03:00
mposolda
c6f13363b9 Add nashorn javascript engine to Keycloak server
closes #17671
2023-04-04 14:56:46 +02:00
Jon Koops
bdc019b02c
Fully deprecate function-style constructor for Keycloak JS (#19438) 2023-04-03 14:45:55 +02:00
Pedro Igor
d857ea8ec2 Removing custom classloader and allow loading drivers at runtime
Closes #13205

Co-authored-by: Brett Lounsbury <brett.lounsbury@nasdaq.com>
2023-03-31 18:05:55 +02:00
Jon Koops
8f627517cb
Remove legacy Promise APIs from Keycloak JS (#19389) 2023-03-29 16:29:27 +00:00
Michal Hajas
e49dfe534e Fix missing migration when reading TERMS_AND_CONDITIONS required action in legacy store
Closes #17277
2023-03-29 16:43:01 +02:00
Pedro Hos
142bb30f66
Incorrect documentation around password policies (#19364)
closes #19363


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-03-29 10:09:40 +02:00
Marek Posolda
032ece9f7b
Clarify user session limits documentation and test SSO scenario (#19372)
Closes #17374


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-03-29 10:08:45 +02:00
Alexander Schwartz
6e30e09cca
Run tests for the moved documentation (#19278)
Closes #19272
2023-03-28 12:35:27 +02:00
Pedro Hos
a96ff792d8 Typo in Outgoing HTTP requests documentation
closes #17242
2023-03-28 10:04:10 +02:00
Thomas Darimont
ad05557321 Revise password blacklist documentation
Closes #19279

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Andy Munro <amunro@redhat.com>
2023-03-28 08:01:39 +02:00
Alexander Schwartz
23d82ea4ed Fix token exchange required features in the docs
Closes #19291

Co-authored-by: alcidesmig@gmail.com
2023-03-27 10:19:36 -03:00
rmartinc
c1afd3f99f Docs changes for running the adapters with EAP7 and jdk-17
Closes https://github.com/keycloak/keycloak/issues/19273
2023-03-27 11:32:33 +02:00
Konstantinos Georgilakis
fd28cd2d4b Service Accounts Client must create the Client ID mapper with Token Claim Name as client_id
closes #16329
2023-03-23 11:45:34 +01:00
mposolda
9ed5e56fd5 Updating name of the provider in the docs
closes #19122
2023-03-23 07:41:57 -03:00
Marek Posolda
74429e8855
Explicitly add note to the docs that admin user needs to be created be created before using admin REST API (#19246)
closes #19145


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-03-22 21:19:09 +01:00
Denis Richtarik
5e92fb9008 Skip on deploy plugin in documentation tests module 2023-03-22 12:40:32 +01:00
Miquel Simon
38b351b2e0 Generate jar file for documentation test artifact. 2023-03-22 12:36:47 +01:00
Stian Thorgersen
70bad90455
Skip GPG signing for docs test module (#19197) 2023-03-21 08:49:08 +01:00
Stian Thorgersen
cc91e818ed
Skip deploying docs to Maven (#19192) 2023-03-21 07:52:34 +01:00
Alex Szczuczko
e26203467f Specify header-maven-plugin version via project.version property
Closes #19186
2023-03-20 22:08:58 +01:00
Alexander Schwartz
acd01dedb6 Integrate documentation into parent build
Closes #19158
2023-03-20 13:09:23 +01:00
Alexander Schwartz
077b0644fe Merge keycloak-documentation to main repository
CIAM-5056
2023-03-20 09:11:39 +01:00
Alexander Schwartz
4dcb819c06 Moving docs to new folder
CIAM-5056
2023-03-20 09:07:58 +01:00
stianst
bfcc278deb Exclude experimental configuration options for the guides
Closes #19057
2023-03-16 11:05:03 +01:00
Jon Koops
96aa4b3394
Add Maven build for the Admin UI (#17552) 2023-03-13 18:16:12 +00:00
Václav Muzikář
6ad3005717 Fix container docs for adding a custom provider 2023-03-09 16:27:36 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334)
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Alexander Schwartz
af0bdd71d3
Move guides to /docs/guides so they are simpler to find and maintain (#17378)
CIAM-5057
2023-03-03 10:08:05 +00:00
Alexander Schwartz
d32b443a27
Write AsciiDoc output as UTF-8 independent of system file encoding. (#17419)
This preserves the UTF-8 encoding of the AsciiDoc input files.

Closes #17417
2023-03-03 09:45:10 +01:00
Sebastian Schuster
2ad5677e3d 17376 added quotes to features documentation 2023-03-02 16:44:32 +01:00
Sebastian Schuster
edcbf73b27 16188 added quotes do logging documentation to also work under Windows 2023-03-01 17:52:00 +01:00
Alex Szczuczko
0b78cf9b29 Update the server guide for the RPM-minimized container
Closes #17273
2023-03-01 16:37:00 +01:00
andymunro
22d090927e
Applying documentation style to the Operator Guide (#17205)
Closes #17177
2023-03-01 16:24:36 +01:00
YO!CHI KIKUCHI
2429d18d78 Update containers.adoc #17301 2023-02-28 09:50:07 +01:00
andymunro
48519be52b
Eliminate guide from cross-references (#17065)
Closes #17055
2023-02-27 14:57:43 +01:00
Alexander Schwartz
8abe984844
Change the list features to the format of a description list (#17237)
CIAM-5050
2023-02-27 08:36:29 +01:00
Pedro Igor
2b98fcdecb Support for standard Forwarded header
Closes #11580
2023-02-22 19:28:04 +01:00
Marek Posolda
b9ab942ef8
FIPS related docs (#17196)
* FIPS related docs
Closes #16444 #12432 #12429

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-02-22 12:47:15 +01:00
Alexander Schwartz
9ebbf9ceef
Avoid nested table for downstream docs (#17145)
* Avoid nested table for downstream docs

CIAM-5051

* WIP

* Next iteration: making the options and their values monospaced. Merge the default column into the values column

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2023-02-21 13:44:39 +00:00
andymunro
b8e01596f6
Apply to Keycloak documentation style to the Getting Started guides (#17173)
Closes #17133
2023-02-20 13:58:57 +01:00
Alexander Schwartz
d4604984d0
Compatibility with Maven4 and parallel builds (#16312)
Closes #16308
2023-02-14 11:44:53 +01:00
Alexander Schwartz
e03105e685
Align docs with AsciiDoc best practices for downstream processing (#16996)
CIAM-5054
2023-02-13 08:40:02 +01:00
mposolda
3b44e989cb Doublecheck FIPS integration with container
Closes #16891
2023-02-10 16:01:35 -03:00
Stian Thorgersen
6e1a58adc6
Move getting started and migration guides to main repo (#16675)
* Move getting started and migration guides to main repo

Closes #16575

* Fix copy images

* Remove images for Vue getting started that remains on website for now
2023-02-09 10:29:41 +01:00
Alexander Schwartz
9ecd589690
Update docs to enable downstream processing (#16595)
Relates to: #16475
2023-02-08 15:33:43 +01:00
Pedro Igor
75824920aa Update proxy guide with information about session stickness
Closes #16892
2023-02-07 16:42:38 -03:00
Pedro Igor
b5fb528508 Do not enable caching metrics by default and provide a guide
Closes #16751
2023-02-01 18:55:43 +01:00
mposolda
7f017f540e BCFIPS approved mode: Some tests failing due the short secret for client-secret-jwt client authentication
Closes #16678
2023-01-30 08:40:46 +01:00
mposolda
a804400c84 Added KERBEROS feature. Disable it when running tests on FIPS
closes #14966
2023-01-25 18:38:46 +01:00
m2minthemeadow
447364076a
Update containers.adoc (#15729)
You have to set also variable KC_DB after building image, otherwise Keycloak will default to H2 database
2023-01-20 09:14:32 +01:00
yvesgab
234267556d
Update logging.adoc (#16179)
Incorrect reference to "log-format" configuration instead of "log-console-format"
2023-01-20 09:11:04 +01:00
Seenox
ac6b9ed421
docs: add missing backslash to realm startup command (#16381) 2023-01-20 09:10:31 +01:00
Joshua Sorah
d388ae7ce7
Fix markdown link to database tests (#15457) 2023-01-20 08:08:31 +01:00
mposolda
79fa6bb3c9 Initial support for running testsuite in BCFIPS approved mode
Closes #16429
2023-01-13 02:59:06 -08:00
Stian Thorgersen
794e7414f3
Set OkHttp 4.10.0 in parent pom (#16383) 2023-01-12 11:41:42 +01:00
Pedro Igor
522bf1c0b0 Keep consistency when importing realms at startup when they are exported via the export command
Closes #16281

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-01-06 18:53:01 +01:00
Martin Bartoš
af3ba49393 Clarify using of --optimized flag with DBs
Closes #16220
2023-01-04 02:47:22 -08:00
mposolda
36bd76957d Make Keycloak FIPS working with OpenJDK 17 on FIPS enabled RHEL
Closes #15721
2022-12-20 21:03:55 +01:00
Pedro Igor
1ed81fa377 Updating production guide about how to change network stack setting
Closes #15925
2022-12-12 09:29:14 -08:00
mposolda
264c5a6cdb Support for KcReg and KcAdm CLI to use BCFIPS instead of BC on FIPS platforms
Closes #14968
2022-12-06 13:02:46 +01:00
mposolda
3e9c729f9e X.509 authentication fixes for FIPS
Closes #14967
2022-11-25 11:50:30 +01:00
Alexander Schwartz
fb315b57c3 Use the same Oracle driver for the tests and Undertow like for Quarkus
Closes #15576
2022-11-23 09:26:18 +01:00
Gerrit Sedlaczek
bf458c5715
fixed grammar in health.adoc (#15511) 2022-11-17 08:21:31 +01:00
Stefan Guilhen
4763cfb961 Add missing JDBC driver configuration for MS SQL Server
Closes #15060
2022-11-11 19:44:20 +01:00
stianst
1de9c201c6 Refactor Profile
Closes #15206
2022-11-07 07:28:11 -03:00
Václav Muzikář
71d9b16717 Update Operator docs to reflect Keycloak CR changes 2022-10-24 16:05:00 +02:00
Pedro Igor
1fe3ce79eb Change the title of the Keycloak Truststore guide to make the intent more clear
Closes #14960

Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-10-21 16:31:41 -03:00
Pedro Igor
dfb2bd144b Fixing commands in the database guide
Closes #14940
2022-10-21 16:08:37 -03:00
Andre Nascimento RH
d12aef0b43
Rename free-form field from 'serverConfiguration' to 'additionalOptions' in Keycloak CR. 2022-10-21 14:41:02 +02:00
Peter Zaoral
4dfbb42680 Refine Ingress settings in Keycloak CR
Closes Keycloak#14407

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2022-10-18 17:44:50 +02:00
Stian Thorgersen
97ae90de88
Remove Red Hat Single Sign-On product profile from upstream (#14697)
* Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

* review suggestions: Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

Co-authored-by: Peter Skopek <pskopek@redhat.com>
2022-10-18 14:43:04 +02:00
Marek Posolda
0756ef9a75
Initial integration tests with BCFIPS distribution (#14895)
Closes #14886
2022-10-17 23:33:22 +02:00
Muhammad Ummar Iqbal
91a58ed1b9
Documentation updated: Hosting from a sub path section added (#14505)
* Hosting from a sub path section added

* Update as per PR comments

* updates # 2 as per suggestions

* details link removed

* includedOptions section updated
2022-10-05 19:52:05 +02:00
Martin Bartoš
a20d6e2f1f
Remove JBoss-based auth servers from the testsuite (#14317)
Closes #14299
2022-09-30 09:41:57 +02:00
Paweł Walczak
b739878916
Fixed typo in --proxy example (#14539) 2022-09-23 07:43:03 +02:00
Youssef El Houti
7f58c1c570 KEYCLOAK-19138 nginx x509 client trusted certificate lookup 2022-09-01 15:02:56 -03:00
Marek Posolda
19daf2b375
Not possible to login in FIPS enabled RHEL 8.6. Support for parsing PEM private keys in BCFIPS module in both traditional and PKCS8 format (#14008)
Closes #13994
2022-08-30 22:33:12 +02:00
eabykov
6ad71557de Fixed Elasticsearch version
- update Mongo https://docs.graylog.org/docs/upgrade
- update Graylog https://www.graylog.org/post/announcing-graylog-v4-3-3
2022-08-30 15:50:10 -03:00
Václav Muzikář
0254900b12
Document how to build from IDE (#14093) 2022-08-30 16:59:36 +02:00
Pedro Igor
c968925298
Fix the provider id in the database migration example (#14038)
Closes #14037
2022-08-26 14:23:39 +02:00
psytester
ae54fa8dd2
JPA spi example added (#11110)
* JPA spi example added

Added: how to configure JPA migration

* Update db.adoc

* Update configuration-provider.adoc

moved JPA config to db.adoc

* Update docs/guides/src/main/server/configuration-provider.adoc

Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-08-26 10:38:41 +02:00
Welton Rodrigo Torres Nascimento
ac6ee54455
Document --hostname-strict under reverse proxy (#12881) 2022-08-26 10:11:18 +02:00
Marc Wrobel
827e6c0b20
Fix minor typos in documentations (#13154)
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-08-26 08:07:59 +02:00
Pedro Igor
52aad0bbdc Allow setting a URL to configure frontend and admin URLs
Closes #13524

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-08-25 23:03:09 -03:00
Eric Ashley
21243dafc6
Update reverseproxy.adoc (#12570)
On line 44, "more be" should read "be more"
2022-08-25 13:28:24 +02:00
Deven Phillips
55954b2be7 Improve docs for importing a realm in a container 2022-08-10 11:16:04 -03:00
AndyMunro
a275e239f1 Applying edits to logging guide
Updates to Gelf section

Closes #10363
2022-08-10 09:02:50 -03:00
Martin Kanis
2aadc07703 Improve database topic
Improve clarity, readability, and consistency of the database topic

Closes: #10012
2022-08-09 13:14:52 +02:00
Pedro Igor
cf249fc6ae Updating production guide with information about switching from ipv4 to ipv6
Closes #11979
2022-08-05 11:55:09 -03:00
Pedro Igor
2b2287d1ee More information to the container guide
Closes #13569
2022-08-05 09:45:37 -03:00
Dominik Guhr
f0b7cc66f6 remove ambiguity in caching docs
Closes #13553
2022-08-04 14:49:37 -03:00
Pedro Igor
a5dd9e985c Improving clustering guide and more information about cache-stack and custom stacks
Closes #12862
2022-08-04 11:31:57 -03:00
Dominik Guhr
bef3427add Update docs/guides/src/main/server/logging.adoc
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2022-08-01 12:28:47 -03:00
Dominik Guhr
43afcf11ac add gelf log level option
also aligns writing in logging.adoc to always use GELF instead of gelf/Gelf in plain text.

Closes #13397
2022-08-01 12:28:47 -03:00
Marek Posolda
7e925bfbff
Unit tests in "crypto/fips1402" passing on RHEL 8.6 with BC FIPS approved mode. Cleanup (#13406)
Closes #13128
2022-07-29 18:03:56 +02:00
manojreddy
7356e1a379
Update configuration.adoc (#13400)
Updated command to run the application from build to start.
2022-07-29 12:24:34 +02:00
Dominik Guhr
22e1c4854d
changed config guide (#13137)
Closes #13135
2022-07-27 09:33:54 +02:00
Dominik Guhr
9bb1299d89 change optimised to optimized
also: fix kc.bat to not use autobuild in devmode anymore, fix containers.adoc to not use auto_build naming, fix build command cli help as it is not required anymore to run it beforehand.
2022-07-22 10:29:07 -03:00
Pedro Igor
e14bd51656 Properly enable/disable metrics and health endpoints
Closes #11506

Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-07-22 09:41:29 -03:00
Pedro Igor
89028613d8 Introducing --optimise option
Closes #10737
2022-07-15 15:12:17 -03:00
TheGeekInTheShell
27bed258db
Typo in the configuration provider documentation
It would seem that it was written slashes instead of dashes

Resolves #13085
2022-07-13 10:58:48 -03:00
Dominik Guhr
1d6dde02e5 Add support and docs for centralized logging using gelf.
* 99% 1:1 wrapper of the underlying quarkus gelf extension.
* excluded `filter-stack-trace` and `stack-trace-throwable-reference` options for now, as they are either undocumented on the quarkus side or not important imo.
* added docs and examples for Graylog and ELK stack
* NOT added an automated test, as this is really a 1:1 wrapper around the extension, Test setup would be cumbersome, test would take too much time and tests are done in quarkus itself.

Closes #12125
2022-06-30 16:16:19 -03:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration (#12692)
Closes #12625
2022-06-29 07:17:09 +02:00
Pedro Igor
c95ecd9e88 More information in the proxy guide about exposing the administration console
Closes #12450
2022-06-23 10:36:19 -03:00
Pedro Igor
95528e77bb
Fixing env vars precedence over conf file (#12638)
Closes #12413
2022-06-22 15:13:58 +02:00
Marek Posolda
3f5741e988
Possibility to switch between FIPS and non-FIPS during keycloak+quarkus seerver build (#12513)
* Possibility to switch between FIPS and non-FIPS during keycloak+quarkus server build

Closes #12522
2022-06-21 11:17:45 +02:00
Alexander Schwartz
850af55edc Ensure that only JDK 8 APIs are used where JDK 8 is still required.
Closes #10842
2022-06-20 14:44:33 -03:00
Stian Thorgersen
fb18b693c4
Add Maven settings for release jobs (#12479)
Closes #12474
2022-06-13 15:53:44 +02:00
Pedro Igor
b34f46155c Allow setting the admin hostname
Closes #12190
2022-06-08 16:41:43 -03:00
Pedro Igor
5f349195bb Provide a separate guide for configuring the server truststore
Closes #12260
2022-06-07 10:57:37 -03:00
Pedro Igor
c0fd3b89ea Fixing docs to state that substitution only works when importing at startup
Closes #12069
2022-05-30 08:09:00 -03:00
andreaTP
d66710205c Refactor dist config to a common module 2022-05-26 12:07:03 -03:00
Dominik Guhr
2e0d2ecbfb Fix link to rest api in import export guide for operator
Has to be merged together with the PR for keycloak/keycloak-web#316 to work correctly

Also fixes a few typos in the guide

Closes #11930
2022-05-17 11:48:46 -03:00
Pedro Igor
b5a5d68dbc Imposing certain constraints to files when importing at start-up
Closes #11861
2022-05-16 16:49:42 +02:00
Kai SHEN
3feed3827c
Add logging format symbols description (#10877)
Resolves #11998
2022-05-16 09:28:04 -03:00
Dominik Guhr
b484bc1268 Update docs/guides/src/main/server/hostname.adoc
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2022-05-16 12:44:38 +02:00
Dominik Guhr
7a8d38eae3 Adjust docs to reflect what was discussed in #11856
Closes #11579
2022-05-16 12:44:38 +02:00